Javaのアンドロイド - uplaud APKとGoogleのセキュリティの警告を再生

Question

私はGoogleのストアにGoogleのゲームにAPKを更新するとき私にセキュリティ警告を送信、。これはメールです：

私たちの悪意のある行為またはユーザーデータポリシーに違反して、*****というパッケージ名で****を拒否しました。アップデートを送信した場合、以前のバージョンのアプリは引き続きGoogle Playで利用できます。

This app uses software that contains security vulnerabilities for users or allows the collection of user data without proper disclosure. 

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please upgrade your app(s) as soon as possible and increment the version number of the upgraded APK. 

Vulnerability APK Version(s) 
TrustManager 
You can find more information about TrustManager in this Google Help Center article. 

10 
To confirm you’ve upgraded correctly, submit the updated version of your app to the Play Console and check back after five hours to make sure the warning is gone. 

While these vulnerabilities may not affect every app that uses this software, it’s best to stay up to date on all security patches. Make sure to update any libraries in your app that have known security issues, even if you're not sure the issues are relevant to your app. 

Apps must also comply with the Developer Distribution Agreement and Developer Program Policies. 

そして、これは私がのTrustManagerを実装している私のコードです：

public class MySSLSocketFactory extends SSLSocketFactory { 
    SSLContext sslContext = SSLContext.getInstance("TLS"); 

    public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { 
     super(truststore); 
     TrustManager tm = new X509TrustManager() { 
      public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { 
      } 

      public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { 
      } 

      public X509Certificate[] getAcceptedIssuers() { 
       return null; 
      } 
     }; 

     sslContext.init(null, new TrustManager[]{tm}, null); 
    } 

    @Override 
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { 
     return sslContext.getSocketFactory().createSocket(socket, host, port, autoClose); 
    } 

    @Override 
    public Socket createSocket() throws IOException { 
     return sslContext.getSocketFactory().createSocket(); 
    } 
} 

そして、これは私のbuild.gradleです：

compile fileTree(dir: 'libs', include: ['*.jar']) 
    androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', { 
     exclude group: 'com.android.support', module: 'support-annotations' 
    }) 
    compile 'com.android.support:appcompat-v7:25.1.0' 
    compile 'com.android.support.constraint:constraint-layout:1.0.2' 
    testCompile 'junit:junit:4.12' 
    compile 'net.zetetic:android-database-sqlcipher:3.3.1-2@aar' 
    compile group: 'org.apache.commons', name: 'commons-lang3', version: '3.0' 
    compile group: 'org.json', name: 'json', version: '20090211' 
    compile 'dk.ilios:realmfieldnameshelper:1.0.0' 
    compile 'io.realm:android-adapters:1.3.0' 
    compile 'com.google.firebase:firebase-messaging:9.0.2' 
    compile 'com.android.support:recyclerview-v7:23.3.0' 
    compile 'com.android.support:design:23.2.0' 
    compile 'org.apache.httpcomponents:httpcore:4.4.1' 
    compile 'org.apache.httpcomponents:httpclient:4.5' 

Answer 1

uがすでにcheckValidityを実装しようとします（ ）声明？これを見てください：

public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { 
    try { 
     chain[0].checkValidity(); 
    } catch (Exception e) { 
     throw new CertificateException("Certificate not valid or trusted."); 
    } 
}